How can I tell if MalwarePatrol is activated and working properly?
How can I tell if MalwarePatrol is activated and working properly?
Signed up for a monthly subscription to test it and they did not send me a code but I did get a order number when I payed by PayPal. I assume that number is what I put into the MalwarePatrol setting in E.F.A. ?
Thanks!
Thanks!
Re: How can I tell if MalwarePatrol is activated and working properly?
edit /etc/clamav-unofficial-sigs/master.conf
search for "malwarepatrol" and follow the instructions in the comments to configure your system to receive your malware patrol updates
run "sudo freshclam -v" to see if your system picks up the malware patrol signatures.
I'm not sure what will actually show up when you run freshclam, but you should find the malware patrol database in /var/lib/clamav. I ran the comand just now (I'm using the free database) and the file malwarepatrol.db is dated yesterday so there were no updates for me to pick up today.
search for "malwarepatrol" and follow the instructions in the comments to configure your system to receive your malware patrol updates
run "sudo freshclam -v" to see if your system picks up the malware patrol signatures.
I'm not sure what will actually show up when you run freshclam, but you should find the malware patrol database in /var/lib/clamav. I ran the comand just now (I'm using the free database) and the file malwarepatrol.db is dated yesterday so there were no updates for me to pick up today.
Re: How can I tell if MalwarePatrol is activated and working properly?
Thank you very much! Just what I needed. The date of my malwarepatrol.db is the date I installed E.F.A. so it appears just doing freshclam -v failed to update it today. Will try a reboot later today.
Re: How can I tell if MalwarePatrol is activated and working properly?
Just as an FYI you can tell it how often to update the malwarepatrol download in /etc/clamav-unofficial-sigs/master.conf and I set mine to 2 hours. You can actually see what going on in the /var/log/clamav-unofficial-sigs.log as well.
Re: How can I tell if MalwarePatrol is activated and working properly?
Since I am using a free account, I update every 35 hours, since I don't want to be a rude guest.
If you are using a paid account, then updating several times per day should be acceptable.
If you are using a paid account, then updating several times per day should be acceptable.
Re: How can I tell if MalwarePatrol is activated and working properly?
Hi guys,
i've signed up @malwarepatrol today (free subscription).
i've also added receipt number @efa
but when i look in /var/lib/clamav there is no malwarepatrol db and when i run "sudo freshclam -v" there appears also no entry similar too malwarepatrol...
anything else i have to do to get malwarepatrol working, except adding receipt key ?
thanks in advance
i've signed up @malwarepatrol today (free subscription).
i've also added receipt number @efa
but when i look in /var/lib/clamav there is no malwarepatrol db and when i run "sudo freshclam -v" there appears also no entry similar too malwarepatrol...
anything else i have to do to get malwarepatrol working, except adding receipt key ?
thanks in advance
Re: How can I tell if MalwarePatrol is activated and working properly?
any help would be greatly appreciated!
Re: How can I tell if MalwarePatrol is activated and working properly?
Did you check /var/log/clamav-unofficial-sigs.log ?
Re: How can I tell if MalwarePatrol is activated and working properly?
hi webguyz,
thanks for your response.
in /var/log/clamav-unofficial-sigs.log it tells me:
is it normal MP database does not change within 3 days ? how often does an update happen normally ?
can i assume malwarepatrol is working as intended because of the above log entry ?
thanks for your response.
in /var/log/clamav-unofficial-sigs.log it tells me:
Code: Select all
MalwarePatrol signature database (malwarepatrol.db) did not change - skipping
can i assume malwarepatrol is working as intended because of the above log entry ?
Re: How can I tell if MalwarePatrol is activated and working properly?
I have the paid version and see this almost every time I check (every 6 hours)
Feb 06 13:26:21 Checking for MalwarePatrol updates...
Feb 06 13:26:21 MalwarePatrol Database File Update
Feb 06 13:26:22 Testing updated MalwarePatrol database file: malwarepatrol.ndb
Feb 06 13:26:22 Clamscan reports MalwarePatrol malwarepatrol.ndb database integrity tested good
Feb 06 13:26:22 Successfully updated MalwarePatrol production database file: malwarepatrol.ndb
Feb 06 13:26:21 Checking for MalwarePatrol updates...
Feb 06 13:26:21 MalwarePatrol Database File Update
Feb 06 13:26:22 Testing updated MalwarePatrol database file: malwarepatrol.ndb
Feb 06 13:26:22 Clamscan reports MalwarePatrol malwarepatrol.ndb database integrity tested good
Feb 06 13:26:22 Successfully updated MalwarePatrol production database file: malwarepatrol.ndb
Re: How can I tell if MalwarePatrol is activated and working properly?
i'm also thinking about getting the paid version...
one question: is ransomware protection from paid version working good ?
two days ago a ransomware mail got through efa + malwarepatrol free, so i'm hoping paid version will get rid of this ...
Any other good protections against ransomware ?
one question: is ransomware protection from paid version working good ?
two days ago a ransomware mail got through efa + malwarepatrol free, so i'm hoping paid version will get rid of this ...
Any other good protections against ransomware ?
Re: How can I tell if MalwarePatrol is activated and working properly?
I just enabled MalwarePatrol with a free account. However, clamav is not loading anything and freshclam is now downloading anything.
From the logs:
Mar 20 16:37:56 Mon Mar 20 16:37:56 CET 2017 - Pause complete, checking for new database files...
Mar 20 16:37:56 Sanesecurity Database File Updates
Mar 20 16:37:56 2 hours have not yet elapsed since the last sanesecurity update check
Mar 20 16:37:56 No update check was performed at this time
Mar 20 16:37:56 Next check will be performed in approximately 0 hour(s), 55 minute(s)
Mar 20 16:37:56 linuxmalwaredetect Database File Updates
Mar 20 16:37:56 6 hours have not yet elapsed since the last linux malware detect update check
Mar 20 16:37:56 No update check was performed at this time
Mar 20 16:37:56 Next check will be performed in approximately 4 hour(s), 55 minute(s)
Mar 20 16:37:56 Yara-Rules Database File Updates
Mar 20 16:37:56 24 hours have not yet elapsed since the last yararulesproject database update check
Mar 20 16:37:56 No update check was performed at this time
Mar 20 16:37:56 Next check will be performed in approximately 22 hour(s), 55 minute(s)
Mar 20 16:37:56 No updates detected, ClamAV databases were not reloaded
Mar 20 16:37:56 Issue tracker : https://github.com/extremeshok/clamav-u ... igs/issues
Mar 20 16:37:56 New version : v5.6.2 @ https://github.com/extremeshok/clamav-unofficial-sigs
Mar 20 16:37:56 Powered By https://eXtremeSHOK.com
In master.conf it says
malwarepatrol_receipt_code="f14******09"
malwarepatrol_product_code="8"
malwarepatrol_list="clamav_basic" # clamav_basic or clamav_ext
# Set to no to enable the commercial subscription url.
malwarepatrol_free="yes"
So it looks it should be working. But I can't see anything regarding to a working malwarepatrol.
Did I forget anything?
Thanks,
Roger
From the logs:
Mar 20 16:37:56 Mon Mar 20 16:37:56 CET 2017 - Pause complete, checking for new database files...
Mar 20 16:37:56 Sanesecurity Database File Updates
Mar 20 16:37:56 2 hours have not yet elapsed since the last sanesecurity update check
Mar 20 16:37:56 No update check was performed at this time
Mar 20 16:37:56 Next check will be performed in approximately 0 hour(s), 55 minute(s)
Mar 20 16:37:56 linuxmalwaredetect Database File Updates
Mar 20 16:37:56 6 hours have not yet elapsed since the last linux malware detect update check
Mar 20 16:37:56 No update check was performed at this time
Mar 20 16:37:56 Next check will be performed in approximately 4 hour(s), 55 minute(s)
Mar 20 16:37:56 Yara-Rules Database File Updates
Mar 20 16:37:56 24 hours have not yet elapsed since the last yararulesproject database update check
Mar 20 16:37:56 No update check was performed at this time
Mar 20 16:37:56 Next check will be performed in approximately 22 hour(s), 55 minute(s)
Mar 20 16:37:56 No updates detected, ClamAV databases were not reloaded
Mar 20 16:37:56 Issue tracker : https://github.com/extremeshok/clamav-u ... igs/issues
Mar 20 16:37:56 New version : v5.6.2 @ https://github.com/extremeshok/clamav-unofficial-sigs
Mar 20 16:37:56 Powered By https://eXtremeSHOK.com
In master.conf it says
malwarepatrol_receipt_code="f14******09"
malwarepatrol_product_code="8"
malwarepatrol_list="clamav_basic" # clamav_basic or clamav_ext
# Set to no to enable the commercial subscription url.
malwarepatrol_free="yes"
So it looks it should be working. But I can't see anything regarding to a working malwarepatrol.
Did I forget anything?
Thanks,
Roger
- shawniverson
- Posts: 3649
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: How can I tell if MalwarePatrol is activated and working properly?
Don't think so, MailWarePatrol free only releases new updates periodically though.
Re: How can I tell if MalwarePatrol is activated and working properly?
I know, every 72 hours, but shouldn't freshclam try to get an update?
Edit: I now see that feshclam isn't running at all. Last activity in the log is from 2 days ago. Is freshclam supposed to run from cron or as a daemon?
Thanks,
Roger
Edit: I now see that feshclam isn't running at all. Last activity in the log is from 2 days ago. Is freshclam supposed to run from cron or as a daemon?
Thanks,
Roger
-
- Posts: 16
- Joined: 04 Mar 2015 11:17
Re: How can I tell if MalwarePatrol is activated and working properly?
You need to do the following:
1) sudo vim /etc/clamav-unofficial-sigs/master.conf and search for the below lines
malwarepatrol_enabled="yes"
malwarepatrol_receipt_code="YOUR-RECEIPT-NUMBER"
malwarepatrol_product_code="8"
Use 8 if you have a Free account or 15 if you are a Premium customer.
malwarepatrol_list="clamav_basic" # clamav_basic or clamav_ext
malwarepatrol_free="yes"
Set to yes if you have a Free account or no if you are a Premium customer.
malwarepatrol_update_hours="2" if you are a Premium customer
2) sudo /usr/bin/clamav-unofficial-sigs.sh which will update the definitions
1) sudo vim /etc/clamav-unofficial-sigs/master.conf and search for the below lines
malwarepatrol_enabled="yes"
malwarepatrol_receipt_code="YOUR-RECEIPT-NUMBER"
malwarepatrol_product_code="8"
Use 8 if you have a Free account or 15 if you are a Premium customer.
malwarepatrol_list="clamav_basic" # clamav_basic or clamav_ext
malwarepatrol_free="yes"
Set to yes if you have a Free account or no if you are a Premium customer.
malwarepatrol_update_hours="2" if you are a Premium customer
2) sudo /usr/bin/clamav-unofficial-sigs.sh which will update the definitions